Remote Desktop Protocol: The Security Risks

In the past year, cybercriminals behind two of the biggest ransomware attacks have abandoned other techniques in favor of exploiting remote desktop protocol. Matt Boddy of Sophos explains why RDP attacks are so popular - and what you can do to discourage them.

RDP is the exploit of choice for attackers to get a foothold in one's environment, says Boddy, security specialist with Sophos, and lead author on recent RDP research. "And once they've got that foothold, they'll then spread and get to every possible device that they can."

And what the research starkly reveals: "How much people are getting attacked every single day just for having their business online."

In an interview about RDP security, Boddy discusses:

Findings from Sophos' latest research;

What enterprises are currently overlooking;

Three common characteristics of RDP attacks.

Boddy started his career working as a network engineer for the Ministry of Defence, helping create and secure military grade networks. He then moved to work as a penetration tester in the MoD, testing and breaking into the networks which he helped create. For the past three years Matt has been working as a Security Specialist at Sophos, helping customers secure their infrastructures, and taking a deeper dive into a variety of cyber threats.